Research and Implementation of Embeded Web System Security
|School||Nanjing University of Posts and Telecommunications|
|Course||Applied Computer Technology|
|Keywords||Embedded Web System Authentication Access Control|
With the rapid development of embedded technology and Web technology , the embedded Web system for its convenience , practicality is widely used in various fields , more and more embedded devices can be accessed via the Web and control , as well as with to many security risks and complexity of resource management issues . This paper studies the embedded Web system security issues . To an actual embedded Web system as the research background , embedded Web system faces major security threats as well as the appropriate defensive measures , designed to access before the visit and after the visit to the three stages of the embedded Web system access control model. Considering safety , cost , and the difficulty of the factors , the design of the human-computer interaction class based on the IP address and user password authentication mechanism to improve access security , and divided depending on the security requirements for Loose , strict and single-user - access patterns . Add cookies and session - based packet propagation authentication mechanism through comparative analysis of several traditional access control models , role-based access control model based on page views , refined service call and access control granularity , while introducing role inheritance , the commission authorized some control mechanism , increase the flexibility of the authorization at the same time improve the access control security , to reduce the complexity . Operation logging user access process safety management after access to the user 's operating behavior . These access control model , and provide a functional service call interface . The test results show that the various functional modules of the model can be correct , efficient , stable job .